Using the httpd collection to set up a web server

SCS Facilities maintains an "httpd" misc collection that contains the files needed to set up an Apache web server (version 1.3.x) with built-in PHP4, PHP5, mod_perl, and SSL on a Facilitized Unix/Linux host.

You are responsible for making sure that your web server does not serve any information not intended to be publicly available. In particular, you should not make arbitrary directories in AFS publicly available. Keep in mind that your workstation is probably a member of some AFS special groups (such as "system:friendlyhost") to which the main SCS web servers do not belong.

If you will be writing or installing CGI scripts, be aware of the security issues with those scripts. See the CGI security FAQ [offsite link, will open in a new window] for details about some of the security issues with such scripts. Also, it's recommended that you use "IncludesNOEXEC" if you enable server-side includes.

Server installation and setup

To install the httpd collection, you will need to perform the following steps as root. If you have not used root privileges on a Facilitized Unix/Linux host before, please see our documentation on local administration of Facilitized Unix/Linux hosts before proceeding.

Subscribe to the httpd collection. To subscribe to the httpd collection, edit or create the file /etc/quirk.local. Either add a new line:

services=httpd

to the file, or add "httpd" to the comma-separated list of existing services. Note: there can only be one "services" line. Adding a second line will not work.

Make sure that you are using the right SUP distribution host. In order to use services collections, your SUP host must be dist.fac.cs.cmu.edu. To switch to this SUP host, create (or modify) the file /etc/disthost so that the contents of the file consist of the single line:

dist.fac.cs.cmu.edu

Run dosupdepot. After you modify /etc/quirk.local, run /usr/local/bin/dosupdepot.

Start the server. The web server runs under nanny, a "server babysitter" (run "man nanny" for more information). To start the server, you should run the following two commands:

/usr/local/etc/nanny -reconfigure /etc/nanny.conf

to have nanny recognize the new server, and

/usr/local/etc/nanny -restart httpd

to have nanny start httpd.

Your web server is now ready to go.

Server configuration

As part of installation process, an entry for a "wwwsrv" user will be added to /etc/passwd if such an entry does not already exist. Some directories and files of note:

/etc/httpd/

This directory contains the configuration files for httpd

/etc/httpd/httpd.conf.example

This file contains a sample default configuration. It will automatically be copied to /etc/httpd/httpd.conf, which is the working configuration file, if that file does not exist. httpd.conf.example also contains extensive comments describing the web server configuration.

/etc/httpd/httpd.opts

This file contains various command-line arguments to be added to the httpd process invocation. Its existance is optional.

Where the served documents and CGI scripts, respectively, are served from by default. The initial configuration script may attempt to symlink /usr/wwwsrv to /usr0/wwwsrv depending on whether or not these directories already exist.

/var/log/httpd/

This directory is where the web server logs are stored by default

If you need to configure your server, you should edit /etc/httpd/httpd.conf to suit your needs. If your server needs to support SSL, you will need a web server certificate. To generate a certificate signing request (CSR) and request a signed certificate, see our instructions for generating a CSR.

Enabling mod_perl

To enable mod_perl, create or edit the file /etc/httpd/httpd.opts. Either add the line:

-DUSE_mod_perl

to the empty file or add "-DUSE_mod_perl" to the end of the space-separated list of command-line arguments on the first line of the file. Note: This file should contain only a single line of flags and nothing else.

Enabling PHP 4 or 5

The httpd misc collection includes both PHP 4 and PHP 5, but only one of them may be enabled at a time. All standard extensions have been built-in, including the MySQL extensions which can be used to interface with a MySQL database server.

To enable PHP 4 or PHP 5, create or edit the file /etc/httpd/httpd.opts. Either add the line:

-DUSE_mod_php4

or

-DUSE_mod_php5

to the empty file or add "-DUSE_mod_php4" or "-DUSE_mod_php5" to the end of the space-separated list of command-line arguments on the first line of the file. Note: This file should contain only a single line of flags and nothing else.